Subversion Repositories oidplus

oidplus/trunk/includes/classes/OIDplusSessionHandler.class.php @ 1300 – Rev 711

Rev 592 | Compare with Previous | Directory listing | Details | Blame | View Log | RSS feed

Last modification

Rev 711 – 2021-12-26 18:33:19
Author: daniel-marschall
Log message:
Auth keys (internally used for email verification etc.) now use HMAC instead of normal hash
Added new base config setting RA_PASSWORD_PEPPER_ALGO (dangerous! Only for experts!)
OIDplusSessionHandler.class.php: Improved internal encryption!

ATTENTION
!!! If you are updating from the TAR.GZ distibution channel, then the update *will* temporarily
!!! FAIL with the error message "Authentication failed". Once the error appears, close your
!!! browser window and delete the cookies, then log-in again, and continue the update process.
!!! (The error happens because of the update of the internal session encryption procedure)

Path	Blame	Diff	Log
/trunk/doc/config_values.txt
/trunk/doc/developer_notes/SERVER_SECRET.txt
/trunk/includes/classes/OIDplusAuthUtils.class.php
/trunk/includes/classes/OIDplusSessionHandler.class.php
/trunk/plugins/viathinksoft/language/dede/messages.xml